package com.itheima.jdbc.JDBClogin;

import com.itheima.jdbc.数据库MYSQL.util.JDBCUtil;

import java.sql.Connection;
import java.sql.ResultSet;
import java.sql.SQLException;
import java.sql.Statement;
import java.util.Scanner;
//sql注入问题
/*练习用户登录*/
public class loginDaoImpl {
    public static void main(String[] args) {
        String username = null;
        String password = null;
        Scanner sc = new Scanner(System.in);
        while (true) {
            System.out.println("请输入用户名: ");
            username = sc.nextLine();
            System.out.println("请输入密码: ");
            password = sc.nextLine();
            boolean login = login(username, password);
            if (login) {
                System.out.println("登录用户成功............");
            } else {
                System.out.println("登录用户失败............");
            }

        }
    }

    public static boolean login(String username, String password) {
        Connection conn = null;
        Statement stmt = null;
        ResultSet resultSet = null;
        if (username == null || password == null) {
            return false;
        }
        try {
            //连接数据库
            conn = JDBCUtil.getConnection();
            //定义sql
            String sql = "select * from user where username='" + username + "' and password='" + password + "'";
            //获取执行sql的对象
            stmt = conn.createStatement();
            //执行查询
            resultSet = stmt.executeQuery(sql);
            //关闭资源
            boolean bool=resultSet.next();
            JDBCUtil.colse(resultSet, stmt, conn);
            return bool;
        } catch (SQLException e) {
            e.printStackTrace();
        }
        return true;
    }
}